设为首页收藏本站
切换到窄版

VPS侦探论坛

 找回密码
 注册
VPS侦探论坛»VPS侦探论坛 技术交流区 LNMP一键安装包 lnmp安装证书失败
返回列表 发新帖
查看: 3878|回复: 9

lnmp安装证书失败

[复制链接]
pkz1024
发表于 2020-8-13 11:11:18 | 显示全部楼层 |阅读模式

最近通过lnmp dnsssl dp来安装证书提示失败,DP_Id跟DP_Key没有错误。不知道什么问题?错误如下截图

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?注册

x
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
回复

举报

licess
发表于 2020-8-13 14:50:45 | 显示全部楼层


lnmp什么版本?
第一次添加ssl是什么时候?

/usr/local/acme.sh/acme.sh --upgrade 升级一下再试试
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
回复 支持 反对

举报

pkz1024
 楼主| 发表于 2020-8-13 14:58:32 | 显示全部楼层

本帖最后由 pkz1024 于 2020-8-13 15:05 编辑
licess 发表于 2020-8-13 14:50
lnmp什么版本?
第一次添加ssl是什么时候?

你好,军哥,lnmp 是1.6版本,已经升级过了,之前是上个月其他服务器添加没有问题,这个月添加就出现这个问题了,这个服务器是没添加过证书的刚看日志
[Thu Aug 13 14:59:59 CST 2020] _currentRoot='dns_dp'
[Thu Aug 13 14:59:59 CST 2020] d
[Thu Aug 13 14:59:59 CST 2020] config file is empty, can not read CA_KEY_HASH
[Thu Aug 13 14:59:59 CST 2020] Using config home:/usr/local/acme.sh
[Thu Aug 13 14:59:59 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu Aug 13 14:59:59 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu Aug 13 14:59:59 CST 2020] RSA key
[Thu Aug 13 14:59:59 CST 2020] Registering account
[Thu Aug 13 14:59:59 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu Aug 13 14:59:59 CST 2020] payload='{"termsOfServiceAgreed": true}'
[Thu Aug 13 14:59:59 CST 2020] HEAD
[Thu Aug 13 14:59:59 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu Aug 13 14:59:59 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g  -I  '
[Thu Aug 13 15:00:00 CST 2020] _ret='0'
[Thu Aug 13 15:00:00 CST 2020] POST
[Thu Aug 13 15:00:00 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu Aug 13 15:00:00 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Thu Aug 13 15:00:01 CST 2020] _ret='0'
[Thu Aug 13 15:00:01 CST 2020] code='400'
[Thu Aug 13 15:00:01 CST 2020] Register account Error: {
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Parse error reading JWS",
  "status": 400
}
[Thu Aug 13 15:00:01 CST 2020] _on_issue_err
[Thu Aug 13 15:00:01 CST 2020] Please check log file for more details: /usr/local/acme.sh/acme.sh.log


美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
回复 支持 反对

举报

licess
发表于 2020-8-13 17:57:40 | 显示全部楼层



pkz1024 发表于 2020-8-13 14:58
你好,军哥,lnmp 是1.6版本,已经升级过了,之前是上个月其他服务器添加没有问题,这个月添加就出现这个 ...

我这边测试dnspod api方式不论upgrade前后都可以正常生成ssl证书

我感觉要不就是可能你dnspod后台开了IP白名单或者api请求次数多被拉黑之类的
你可以修改 /usr/local/acme.sh/account.conf 将里面 #LOG_LEVEL=1 改成 LOG_LEVEL=2 保存,再重新生成证书试试,将完整的acme.sh.log发一下看看
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
回复 支持 反对

举报

pkz1024
 楼主| 发表于 2020-8-13 19:51:40 | 显示全部楼层

本帖最后由 pkz1024 于 2020-8-13 19:54 编辑
licess 发表于 2020-8-13 17:57
我这边测试dnspod api方式不论upgrade前后都可以正常生成ssl证书

我感觉要不就是可能你dnspod后台开了IP ...
修改后日志如下
[Thu Aug 13 19:53:36 CST 2020] LE_WORKING_DIR='/usr/local/acme.sh'
[Thu Aug 13 19:53:36 CST 2020] Running cmd: issue
[Thu Aug 13 19:53:36 CST 2020] _main_domain='l.lfdths.com'
[Thu Aug 13 19:53:36 CST 2020] _alt_domains='lfdths.com'
[Thu Aug 13 19:53:36 CST 2020] Using config home:/usr/local/acme.sh
[Thu Aug 13 19:53:36 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu Aug 13 19:53:36 CST 2020] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu Aug 13 19:53:36 CST 2020] DOMAIN_PATH='/usr/local/nginx/conf/ssl/l.lfdths.com'
[Thu Aug 13 19:53:36 CST 2020] 'dns_dp' does not contain 'dns'
[Thu Aug 13 19:53:36 CST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Thu Aug 13 19:53:36 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu Aug 13 19:53:36 CST 2020] GET
[Thu Aug 13 19:53:36 CST 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Thu Aug 13 19:53:36 CST 2020] timeout=
[Thu Aug 13 19:53:36 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Thu Aug 13 19:53:36 CST 2020] ret='0'
[Thu Aug 13 19:53:36 CST 2020] response='{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "zx_nxN_sSVU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}'
[Thu Aug 13 19:53:37 CST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Thu Aug 13 19:53:37 CST 2020] ACME_NEW_AUTHZ
[Thu Aug 13 19:53:37 CST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu Aug 13 19:53:37 CST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu Aug 13 19:53:37 CST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 13 19:53:37 CST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Thu Aug 13 19:53:37 CST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu Aug 13 19:53:37 CST 2020] ACME_VERSION='2'
[Thu Aug 13 19:53:37 CST 2020] Le_NextRenewTime
[Thu Aug 13 19:53:37 CST 2020] _on_before_issue
[Thu Aug 13 19:53:37 CST 2020] _chk_main_domain='l.lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] _chk_alt_domains='lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] 'dns_dp' does not contain 'no'
[Thu Aug 13 19:53:37 CST 2020] Le_LocalAddress
[Thu Aug 13 19:53:37 CST 2020] d='l.lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] Check for domain='l.lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] _currentRoot='dns_dp'
[Thu Aug 13 19:53:37 CST 2020] d='lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] Check for domain='lfdths.com'
[Thu Aug 13 19:53:37 CST 2020] _currentRoot='dns_dp'
[Thu Aug 13 19:53:37 CST 2020] d
[Thu Aug 13 19:53:37 CST 2020] 'dns_dp' does not contain 'apache'
[Thu Aug 13 19:53:37 CST 2020] config file is empty, can not read CA_KEY_HASH
[Thu Aug 13 19:53:37 CST 2020] _saved_account_key_hash
[Thu Aug 13 19:53:37 CST 2020] Using config home:/usr/local/acme.sh
[Thu Aug 13 19:53:37 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu Aug 13 19:53:37 CST 2020] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu Aug 13 19:53:37 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu Aug 13 19:53:37 CST 2020] RSA key
[Thu Aug 13 19:53:37 CST 2020] Registering account
[Thu Aug 13 19:53:37 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu Aug 13 19:53:37 CST 2020] payload='{"termsOfServiceAgreed": true}'
[Thu Aug 13 19:53:37 CST 2020] Use cached jwk for file: /usr/local/acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu Aug 13 19:53:37 CST 2020] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu Aug 13 19:53:37 CST 2020] HEAD
[Thu Aug 13 19:53:37 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu Aug 13 19:53:37 CST 2020] body
[Thu Aug 13 19:53:37 CST 2020] _postContentType='application/jose+json'
[Thu Aug 13 19:53:37 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g  -I  '
[Thu Aug 13 19:53:38 CST 2020] _ret='0'
[Thu Aug 13 19:53:38 CST 2020] _headers='HTTP/2 200
server: nginx
date: Thu, 13 Aug 2020 11:53:37 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu Aug 13 19:53:38 CST 2020] _CACHED_NONCE='0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY'
[Thu Aug 13 19:53:38 CST 2020] nonce='0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY'
[Thu Aug 13 19:53:38 CST 2020] POST
[Thu Aug 13 19:53:38 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu Aug 13 19:53:38 CST 2020] body='{"protected": "eyJub25jZSI6ICIwMDAycGI2QUROX1BMNTJ2Q0o0bHFzdzZCSHVKY3NDWlVldHZRVDFMZ0xsbmlEWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICIiLCAia3R5IjogIlJTQSIsICJuIjogIiJ9fQ", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "VLvyoZhy1UgCkMOohYPC_vilEB6TK8o8L5q1yT0rZX1H57Hrox9JkFHjSDN0HLt8zBQ5JmNiOtz9aBULUSU7fvfx29-d3M8_qxAofZwH9CKIBDT_-WcllGWgpZNqnKLCocCLO5DyVCK9Td3UBRQXmHeuIpsQoIUiPAPz_x74UVrd6HB5pOCWHbe0VGXVSnp_xLl5VdBbuk_oaC28y6J2EO8ko8Ttqg6qnNfLXlLK9RKlKJ69ooG0rlHgW1Ju5avc1plti3-IGQhv8I-iW4my21ciU-PkKn8HR1NTdCQWKfu8ZMSrDejaY6OhMsciCQj8-U3NHfXfy18INqN8L9gfNw"}'
[Thu Aug 13 19:53:38 CST 2020] _postContentType='application/jose+json'
[Thu Aug 13 19:53:38 CST 2020] Http already initialized.
[Thu Aug 13 19:53:38 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Thu Aug 13 19:53:38 CST 2020] _ret='0'
[Thu Aug 13 19:53:38 CST 2020] responseHeaders='HTTP/2 400
server: nginx
date: Thu, 13 Aug 2020 11:53:38 GMT
content-type: application/problem+json
content-length: 108
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0102mhXep8XIUtTXAm9EhcCAm4yM20EnPLBOR5lcqWcPNyo
'
[Thu Aug 13 19:53:38 CST 2020] code='400'
[Thu Aug 13 19:53:38 CST 2020] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Parse error reading JWS",
  "status": 400
}'
[Thu Aug 13 19:53:38 CST 2020] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Parse error reading JWS",
  "status": 400
}'
[Thu Aug 13 19:53:38 CST 2020] Register account Error: {
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Parse error reading JWS",
  "status": 400
}
[Thu Aug 13 19:53:38 CST 2020] _on_issue_err
[Thu Aug 13 19:53:38 CST 2020] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
[Thu Aug 13 19:53:38 CST 2020] _chk_vlist

军哥运维代购:http://shop63846532.taobao.com/
回复 支持 反对

举报

licess
发表于 2020-8-14 08:56:17 | 显示全部楼层

pkz1024 发表于 2020-8-13 19:51
修改后日志如下
[Thu Aug 13 19:53:36 CST 2020] LE_WORKING_DIR='/usr/local/acme.sh'
[Thu Aug 13 19:53: ...

不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本?
回复 支持 反对

举报

pkz1024
 楼主| 发表于 2020-8-14 10:02:57 | 显示全部楼层

licess 发表于 2020-8-14 08:56
不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本? ...

centos8版本。
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
回复 支持 反对

举报

pkz1024
 楼主| 发表于 2020-8-14 10:05:23 | 显示全部楼层

licess 发表于 2020-8-14 08:56
不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本? ...

你好,centos7系统可以,centos8就不可以,怎么处理这个问题?
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
回复 支持 反对

举报

licess
发表于 2020-8-14 14:40:53 | 显示全部楼层

pkz1024 发表于 2020-8-14 10:05
你好,centos7系统可以,centos8就不可以,怎么处理这个问题?

我这边有centos 8的测试机,centos 8 上测试了没有问题

军哥运维代购:http://shop63846532.taobao.com/
回复 支持 反对

举报

pkz1024
 楼主| 发表于 2020-8-14 15:01:49 | 显示全部楼层



licess 发表于 2020-8-14 14:40
我这边有centos 8的测试机,centos 8 上测试了没有问题

那可能这个系统有问题,vim软件都用不了,要用vi,谢谢军哥答疑
回复 支持 反对

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-9-21 13:36 , Processed in 0.029899 second(s), 18 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表